From 3963fdd97e079dfabaed936a5bb6cdce6cb86142 Mon Sep 17 00:00:00 2001 From: "Alex A. Naanou" Date: Sat, 20 Jan 2024 17:58:46 +0300 Subject: [PATCH] refactoring... Signed-off-by: Alex A. Naanou --- .pct-helpers | 177 +++++++++++++++++++++++++++--------------- config.global.example | 7 +- gate-traefik/make.sh | 2 +- gitea/make.sh | 2 +- nextcloud/make.sh | 3 +- ns/make.sh | 2 +- syncthing/make.sh | 3 + wireguard/make.sh | 2 +- 8 files changed, 129 insertions(+), 69 deletions(-) diff --git a/.pct-helpers b/.pct-helpers index 28b4de9..d5de259 100644 --- a/.pct-helpers +++ b/.pct-helpers @@ -164,18 +164,17 @@ normpath(){ #---------------------------------------------------------------------- # -# getLatestTemplate PATTERN [VAR] +# pveGetLatestTemplate PATTERN [VAR] # # see: # https://pve.proxmox.com/wiki/Linux_Container -getLatestTemplate(){ +pveGetLatestTemplate(){ if [ $DRY_RUN ] ; then [ -z $2 ] \ || eval "$2=${CT_TEMPLATE:-\\\$CT_TEMPLATE}" return fi - #IFS=$'\n' #@ pveam update local templates=($(pveam available | grep -o ''${1}'.*$')) 
@@ -489,6 +488,99 @@ readVars(){ } +# +# makeTemplateSEDPatterns VAR ... +# +makeTemplateSEDPatterns(){ + local var + for var in "$@" ; do + local val=${!var} + if [[ $val == SKIP ]] ; then + val= + fi + echo "-e 's/\\\${${var}}/${val//\//\\/}/g'" + done +} + +# same as makeTemplateSEDPatterns but adds default vars + generates *_IPn vars... +PCT_TEMPLATE_VARS=( + EMAIL + DOMAIN + CTHOSTNAME + GATE_HOSTNAME + NS_HOSTNAME + GATE_LAN_IP + GATE_ADMIN_IP + NS_LAN_IP + NS_ADMIN_IP + WAN_IP + WAN_GATE + LAN_IP + LAN_GATE + ADMIN_IP + ADMIN_GATE +) +makePCTTemplateSEDPatterns(){ + # strip ips and save to *_IPn var... + local ip_vars=() + local var + local val + for var in ${PCT_TEMPLATE_VARS[@]} ; do + if [[ $var =~ .*_IP ]] ; then + local val=${!var} + if [[ $val == SKIP ]] ; then + val= + fi + ip_vars+=("${var}n") + eval "local ${var}n=\"${val/\/*}\"" + fi + done + + makeTemplateSEDPatterns "${PCT_TEMPLATE_VARS[@]}" "${ip_vars[@]}" "$@" +} + + +# +# expandTemplate PATH VAR ... +# .. | expandTemplate VAR ... +# +PCT_TEMPLATE_PATTERNS= +expandTemplate(){ + if [ -t 0 ] ; then + local input=$1 + shift + else + local input=/dev/stdin + fi + + if [ -z "$PCT_TEMPLATE_PATTERNS" ] ; then + local patterns=($(makeTemplateSEDPatterns "$@")) + else + local patterns=("${PCT_TEMPLATE_PATTERNS[@]}") + fi + + cat "${input}" \ + | eval "sed ${patterns[@]}" +} + + +# +# expandTemplate PATH [VAR ...] +# .. | expandTemplate [VAR ...] +# +expandPCTTemplate(){ + local input= + if [ -t 0 ] ; then + input=$1 + shift + fi + + local PCT_TEMPLATE_PATTERNS=($(makePCTTemplateSEDPatterns "$@")) + + expandTemplate "${input}" +} + + # # buildAssets [VAR ..] # 
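Review bot: In makePCTTemplateSEDPatterns, `eval "local ${var}n=\"${val/\/*}\""` places a configuration value inside a string the shell parses again, so a value containing a double quote or a command substitution is executed instead of stored; the assignment needs no eval and can be written `local "${var}n=${val%%/*}"`. The same weakness sits behind `eval "sed ${patterns[@]}"` in expandTemplate, because makeTemplateSEDPatterns escapes only `/` in the value: a single quote closes the quoted sed expression under eval, and `&` or a backslash changes the replacement text. If any of these variables can be set from a config file or prompt that is not fully trusted, escape those characters as well, or collect the `-e` arguments in an array and run `sed "${patterns[@]}"` without eval. Separately, `[ -z "$PCT_TEMPLATE_PATTERNS" ]` tests only the first array element, and the `[ -t 0 ]` test makes expandTemplate read stdin and treat PATH as a variable name whenever the script runs without a terminal.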
@@ -497,62 +589,17 @@ NOTES=NOTES.md buildAssets(){ local template_dir=${TEMPLATE_DIR:-templates} local assets_dir=${ASSETS_DIR:-assets} + local staging_dir=${STAGING_DIR:-staging} if ! [ -e $template_dir ] ; then return fi - local PATTERNS=() - local DFL_VARS=( - EMAIL - DOMAIN - CTHOSTNAME - GATE_HOSTNAME - NS_HOSTNAME - GATE_LAN_IP - GATE_ADMIN_IP - NS_LAN_IP - NS_ADMIN_IP - WAN_IP - WAN_GATE - LAN_IP - LAN_GATE - ADMIN_IP - ADMIN_GATE - ) - for var in ${DFL_VARS[@]} ; do - local val=${!var} - if [[ $val == SKIP ]] ; then - val= - fi - PATTERNS+=("-e 's/\\\${${var}}/${val//\//\\/}/g'") - done - local IP_VARS=( - GATE_LAN_IPn - GATE_ADMIN_IPn - NS_LAN_IPn - NS_ADMIN_IPn - WAN_IPn - LAN_IPn - ADMIN_IPn - ) - for var in ${IP_VARS[@]} ; do - var=${var%n} - local val=${!var} - if [[ $val == SKIP ]] ; then - val= - fi - PATTERNS+=("-e 's/\\\${${var}n}/${val/\/*}/g'") - done - # args... - for var in $@ ; do - local val=${!var} - if [[ $val == SKIP ]] ; then - val= - fi - PATTERNS+=("-e 's/\\\${${var}}/${val//\//\\/}/g'") - done + local PCT_TEMPLATE_PATTERNS=($(makePCTTemplateSEDPatterns "$@")) + # assets... + cp -R "${assets_dir}"/* "${staging_dir}" + # template dir... local TEMPLATES=($(find "$template_dir" -type f)) for file in "${TEMPLATES[@]}" ; do file=${file#${template_dir}} @@ -560,20 +607,28 @@ buildAssets(){ [ $DRY_RUN ] \ && continue # ensure the directory exists... - mkdir -p "$(dirname "${assets_dir}/${file}")" + mkdir -p "$(dirname "${staging_dir}/${file}")" cat "${template_dir}/${file}" \ - | eval "sed ${PATTERNS[@]}" \ - > "${assets_dir}/${file}" + | expandTemplate \ + > "${staging_dir}/${file}" done # special case: NOTES.md... if [ -z "$DESCRIPTION" ] && [ -e "$NOTES" ] ; then DESCRIPTION="$(\ cat ${NOTES} \ - | eval "sed ${PATTERNS[@]}")" + | expandTemplate)" fi } +# +# pctPushAssets ID +# +pctPushAssets(){ + @ pct-push-r $1 "${STAGING_DIR:-./staging}" / +} + + # # pctCreate ID TEMPLATE ARGS [PASS] # 
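Review bot: The new `cp -R "${assets_dir}"/* "${staging_dir}"` runs before anything creates the staging directory, is not covered by the DRY_RUN guard further down, and sits after the early `return` taken when the template directory is missing, so a service that has assets but no templates stages nothing while its make.sh now pushes only staging. Moving the copy above the template check and writing it as `mkdir -p "${staging_dir}"` followed by `cp -R "${assets_dir}"/. "${staging_dir}"/` would also pick up dotfiles and tolerate an empty assets directory. Nothing clears staging between runs either, so files left by an earlier build, including expanded config values, are pushed into the container root again; consider removing and recreating the directory at the start of buildAssets. The body of buildAssets continues into the next hunk.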
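Review bot: pctPushAssets passes `$1` unquoted and unchecked, so a call with an empty ID shifts the staging path into the ID position of pct-push-r, and it does not verify that the staging directory exists before pushing to `/`. I would write the call as `@ pct-push-r "${1:?container ID required}" "${STAGING_DIR:-./staging}" /` and extend the header comment to say that the contents of STAGING_DIR are copied to the container root. The default here is `./staging` while buildAssets uses `staging`; both resolve against the current directory, so the function only works when called from the directory where buildAssets ran.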
@@ -598,7 +653,7 @@ pctCreate(){ # pctCreateAlpine(){ local TEMPLATE - getLatestTemplate alpine TEMPLATE + pveGetLatestTemplate alpine TEMPLATE pctCreate $1 "$TEMPLATE" "$2" "$3" @@ -609,7 +664,7 @@ pctCreateAlpine(){ } pctCreateDebian(){ local TEMPLATE - getLatestTemplate 'debian-12-standard' TEMPLATE + pveGetLatestTemplate 'debian-12-standard' TEMPLATE pctCreate $1 "$TEMPLATE" "$2" "$3" @@ -620,7 +675,7 @@ pctCreateDebian(){ } pctCreateUbuntu(){ local TEMPLATE - getLatestTemplate ubuntu TEMPLATE + pveGetLatestTemplate ubuntu TEMPLATE pctCreate $1 "$TEMPLATE" "$2" "$3" @@ -637,7 +692,7 @@ pctCreateTurnkey(){ local app=$1 shift local TEMPLATE - getLatestTemplate '.*-turnkey-'$app TEMPLATE + pveGetLatestTemplate '.*-turnkey-'$app TEMPLATE pctCreate $1 "$TEMPLATE" "$2" "$3" diff --git a/config.global.example b/config.global.example index 3a285e8..4c94777 100644 --- a/config.global.example +++ b/config.global.example @@ -33,17 +33,18 @@ LAN_BRIDGE= ADMIN_BRIDGE= +# NOTE: it is simpler to statically assign these than to configure dhcp +# plus port forewarding to the dynamically assigned IP. DFL_WAN_IP=192.168.1.101/24 DFL_WAN_GATE=192.168.1.252 DFL_WAN_SSH_IP:192.168.1.102/24 -# Doman and email configuration +# Domain and email configuration # -EMAIL=user@example.com - DOMAIN=example.com +EMAIL=user@example.com # Web app/service domain configuration diff --git a/gate-traefik/make.sh b/gate-traefik/make.sh index 31740fd..f04cf7a 100755 --- a/gate-traefik/make.sh +++ b/gate-traefik/make.sh @@ -75,7 +75,7 @@ echo "# Installing dependencies..." @ lxc-attach $ID apk add bash bridge iptables traefik logrotate echo "# Copying assets..." -@ pct-push-r $ID ./assets / +pctPushAssets $ID echo "# Setup: traefik..." @ lxc-attach $ID rc-update add traefik diff --git a/gitea/make.sh b/gitea/make.sh index bc14d42..328b372 100644 --- a/gitea/make.sh +++ b/gitea/make.sh 
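Review bot: The added comment in config.global.example spells `forewarding`; it should read `port forwarding`. The context line `DFL_WAN_SSH_IP:192.168.1.102/24` directly below uses `:` where every other visible entry uses `=`, which looks like it would not be read as an assignment if this file is sourced by the shell; `DFL_WAN_SSH_IP=192.168.1.102/24` is presumably what was meant.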
@@ -72,7 +72,7 @@ echo "# Starting TKL UI..." @ lxc-attach $ID -- bash -c "HUB_APIKEY=SKIP SEC_UPDATES=SKIP /usr/sbin/turnkey-init" echo "# Copying assets..." -@ pct-push-r $ID ./assets / +pctPushAssets $ID echo "# Disabling fail2ban..." # NOTE: we do not need this as we'll be running from behind a reverse proxy... diff --git a/nextcloud/make.sh b/nextcloud/make.sh index 0ff54fd..28efefd 100755 --- a/nextcloud/make.sh +++ b/nextcloud/make.sh @@ -145,7 +145,8 @@ done @ lxc-attach $ID -- turnkey-occ maintenance:update:htaccess echo "# Copying assets..." -@ pct-push-r $ID ./assets / +pctPushAssets $ID +# XXX need to push proxy config to gate... echo "# Disabling fail2ban..." # NOTE: we do not need this as we'll be running from behind a reverse proxy... diff --git a/ns/make.sh b/ns/make.sh index c10b2ad..bb72757 100755 --- a/ns/make.sh +++ b/ns/make.sh @@ -75,7 +75,7 @@ echo "# Installing dependencies..." @ lxc-attach $ID apk add bash dnsmasq logrotate echo "# Copying assets..." -@ pct-push-r $ID ./assets / +pctPushAssets $ID echo "# Setup: dnsmasq..." @ lxc-attach $ID rc-update add dnsmasq diff --git a/syncthing/make.sh b/syncthing/make.sh index 2573f03..4b3a484 100755 --- a/syncthing/make.sh +++ b/syncthing/make.sh @@ -60,6 +60,9 @@ OPTS_STAGE_2="\ #---------------------------------------------------------------------- +echo "# Building config..." +buildAssets + echo "# Creating CT..." pctCreateAlpine $ID "${OPTS_STAGE_1}" "$PASS" diff --git a/wireguard/make.sh b/wireguard/make.sh index 2b29ece..710af9d 100755 --- a/wireguard/make.sh +++ b/wireguard/make.sh @@ -100,7 +100,7 @@ echo "# Installing dependencies..." iptables wireguard-tools-wg-quick make bind-tools libqrencode logrotate echo "# Copying assets..." -@ pct-push-r $ID ./assets / +pctPushAssets $ID @ lxc-attach $ID -- chmod +x /root/getFreeClientIP echo "# Setup: wireguard server and client profile..."